Security Researcher
Tracebit
Why we're hiring
Our product helps security teams quickly and accurately detect intrusions in their cloud environment using canaries - decoys deployed to deceive attackers.
Our research has already made an impact:
- We've disclosed vulnerabilities in Google's Gemini CLI
- We've published research on AWS account enumeration techniques and how to exfiltrate data via CloudTrail
We work with some of the world's leading security teams at companies like Snyk, Riot Games, and Docker.
We're at a key stage: we need someone to expand and formalize our research function, turning findings into actionable insights and engaging content while helping Tracebit contribute to the wider security community.
Who we're looking for
5+ years in offensive security or vulnerability research with deep focus on cloud platforms (AWS, Azure, GCP). You've found and disclosed vulnerabilities before.
Published security researcher. Track record of blog posts, conference talks, CVEs, or bug bounty submissions. You know how to communicate technical findings clearly.
Technical. Comfortable writing and reading code, and analysing data. You can write scripts, build tooling, and create detection rules.
Self-directed. You're excited to build a research practice from scratch without perfect processes or large teams.
About the role
Reporting to Sam, our CTO and Co-Founder, you'll expand our security research practice and conduct novel research that directly improves our product.
Your core focus:
- Conduct deep technical research into complex cloud services to uncover novel attack vectors.
- Investigate real-world attacks across cloud environments, identity providers (IDPs), and infrastructure-as-a-service (IaaS) platforms.
- Help our team design new canary types and improve our product based on your research.
- Publish research through blog posts, conference talks (BlackHat, RSA, BSides, fwd:cloudsec), and community engagement.
- Monitor the threat landscape and proactively research emerging attack techniques to write detections and blog posts.
- Represent Tracebit at industry conferences globally and build relationships with other researchers.
You'll find attack vectors, write content, and see our engineering team deploy your findings to protect customers.
FAQs
Where is the office?
The whole team works together in an office right next to Warren Street tube station - there are lots of great places to grab lunch nearby.
Are you doing hybrid/remote?
Short answer: No, but flexible on a day-to-day basis.
Long answer: We are set on building the company on a foundation of an office-based culture. We are a very early stage company and think that we'll build the best company at the fastest pace we can, whilst also having a lot of fun, by physically working together 5 days a week. On a case-by-case basis (e.g. leaving early for a holiday, staying home for a builder, working remote for a few days to visit family, etc.) we're very reasonable and flexible. We respect that this is not for everyone.
What are the working hours like?
We think 9am-6pm will bring a great cadence to work. As a Security Researcher there will definitely be times you need to pick up work outside of these hours; we're keen to limit this where we can but also offer flexibility in return.
Can you sponsor visas?
We can support various types of working visas in the UK, including:
- Skilled Worker Visa (both from within and outside the UK)
- Intra-Company Transfer Visa
- Graduate Visa Transition
We are keen to support candidates who require visa sponsorship. Please let us know which specific visa type you might need during the initial application or interview process. Our team is committed to helping talented individuals navigate the necessary visa requirements.